Posted by BeauHD on Wednesday March 30, 2016 @07:32AM
from the there's-always-next-time dept.

An anonymous reader quotes a report from Los Angeles Times: The successful hack of a phone linked to the San Bernardino terror attacks is unlikely to help police win greater access to encrypted data contained inside thousands of smartphones sitting in evidence lockers nationwide, legal experts and law enforcement officials said Tuesday. The process used to gain access to Syed Rizwan Farook's iPhone 5c might not work on other devices, according to an FBI official with knowledge of the investigation. Though the FBI might want to use the new tool to help solve outstanding criminal cases, doing so would also make the process subject to discovery during criminal trials and place the information in the public domain, according to the official, who was not authorized to discuss the case and spoke on the condition of anonymity.
"From all the chiefs that I've talked to, we're hopeful this will give us some insight into how we're going to be able to get into some of the phones sitting in all of our evidence rooms," said Terry Cunningham, police chief in Wellesley, Mass., and president of the International Assn. of Chiefs of Police. "We're clearly anxious to learn what they did and how they did it and if it can be replicated."

Also, parallel construction is a thing. [wikipedia.org] They snoop into phones / computers / etc, then use that data to create a secondary trail of evidence to the same outcome thus concealing the fact that they snooped without a warrant.

Actually, the link you provide specifically says that this method called "Parallel Construction" is illegal in a circumstance where a warrant would have been required for the original evidence. It is always possible that the court will never know that the evidence was tainted but the practice is still illegal. The situation where it is legal is to protect an informant who may be harmed otherwise. Talking to a third person doesn't bring up Fourth or Fifth Amendment issues anyway. The idea of continuing a

That's the whole point of parallel construction, it's a method to legitimize their actions. Good luck proving it though, and even if you do successfully demonstrate it, good luck proving its extent sufficient to avoid prosecution.

Though the FBI might want to use the new tool to help solve outstanding criminal cases, doing so would also make the process subject to discovery during criminal trials and place the information in the public domain

Yes, if such a tool exists, details on this process eventually will become public.

Apple would have told everyone how they flash their chips internally? They would have provided modified binaries that don't increment the bad password counter? Because that is all that was being asked for.

Yes, and yes. Well, Apple wouldn't have done either, but the courts would have done it for them. The right to examine all of the evidence against you implies the right to examine the tools and processes used to gather that evidence. Eventually some court would have ordered the FBI to provide full details to the defense, and it would either come out in the public trial, on the record, or it would have been inadvertently leaked by the defense. Or maybe a copy might have been leaked by an Apple employee for wh

or, there WAS NO HACK and they simply are lying to cover their damned asses.

my guess is that they have no hack and they want us all to think they broke in, so they could abandon a LOSING COURT CASE before the proper precedent (one that favors freedom instead of unwarranted authoritarian power-grabs) was set.

the simplest explanation is often the case: they were losing big-time in the court of public opinion and they could not force the richest company IN THE WORLD to do their petty bidding. they knew they'd lose and so they cower with tail between legs, making up a fake 'victory story' which is 100% opposite of the actual truth.

the good guys have switched places, it seems. I wonder if/when we'll get our real good guys back? will that happen in our lifetime?

I think partly describes what happened. The FBI was already able to hack the phone before this case, and wasn't even that interested in the content of the phone, but preferred to use it as a precedent to pressure Apple. Now they're backpedalling, but not by lying. Or maybe they're lying even. But they can still hack the phone without Apple. Snowden described one technique for hacking the iPhone, backing up the memory and overwriting it again and again after x failed password attempts. Can be automated and o

If you go by the simplest explanation (and we receive no further information to help us), then you're going to conclude that someone cracked it.

There is significant fraction-of-a-world of people who think Apple's hardware is generally pretty decent (at worst! a lot of people downright like it). But the hardware, for all its perceived virtues, has one big glaring problem: it tries to prevent people from running whatever software that they want to. So there are a fuckton of people who look for bugs, in order to be able to root their own phones and gain control of the machine that they bought. Some of them find the bugs. It has always been so, and that's how it is on this platform too, unless you are saying that you think Apple is the one company in the history of this industry, who has finally managed to produce bug-free consumer products.

You're not saying that, are you?

If not, then the simplest explanation is that someone with physical access to the device managed to gain control of it, since that sort of thing happens all the time anyway, with or without the FBI backing the effort.

they were losing big-time in the court of public opinion and they could not force the richest company IN THE WORLD to do their petty bidding. they knew they'd lose

Believe it or not, you're actually overstating how much the FBI was winning; they were far more doomed and already-defeated than you describe. They've probably won the battle for the iPhone 5c, and they might possibly (it's iffy, but possible) win on some newer handheld/toy PCs. But they have no chance, ever, when it comes to solving the general problem. If users actively try to protect their data then the data will be really encrypted, such that subverting the device doesn't get you the key (or 10k possible keys, where one is really it). And then attackers can go crying or threatening whatever manufacturers they want, and it won't help them a bit.

This time, they couldn't wave their $5 wrench at the user (dead men are hard to intimidate), so they waved it at someone else. (It was either a miracle or technological travesty (pick your PoV) that someone else could actually help them.) Next time, there is no "someone else" unless the user is just as incompetent (or more likely: apathetic) as Farook was.

or, there WAS NO HACK and they simply are lying to cover their damned asses.

I'm mainly inclined to believe this as well, especially given the reports I saw yesterday where the phone is now useless because the FBI managed to spill water on the phone, completely destroying it, mere moments after they broke in. Really?

Or maybe a copy might have been leaked by an Apple employee for whatever personal reason.

Apple is the party the government wants the exploit to not get leaked to. The entire point of the anonymous official's quotation is that if the FBI ever uses (in court) evidence gained through this exploit, then Apple will be able to fix..

..uhh..

..their obsolete product from a few years ago. Which nobody cares about, since the entire reason this whole FBI-Apple story exists is because the PC in question had unusuall

But make no mistake: the effectiveness of the security system that we're talking about, is decades behind what we're otherwise used to.

Completely false. Desktop encryption is, in general, far, far inferior to what we have on mobile devices today, because the systems are wide open, which means that the only line of defense is the user's password. Pull the hard drive out, make a copy, and go to town brute forcing it. Done. A small subset of machines these days have a TPM and use it in their encryption, which is better but not hard to fake out. You just have to feed the right sequence of hashes to the device, and it'll do your bidding.

No, mobile devices and mobile OSes are dramatically more secure than desktops and laptops. They use hardware-embedded keys in addition to the user password. When the hardware also enforces brute force rate limiting (as the newer Apple devices do), it's even better.

The one small advantage that machines with full-sized keyboards have is that users are slightly more likely to choose a better password. But only slightly, and hardware performance plus the availability of dirt cheap supercomputing (AWS or GCE) has largely erased that advantage.

Pull the hard drive out, make a copy, and go to town brute forcing it. Done.

I hope they have plans for relocating their brute forcer machines, because the sun is going to become a red giant a blink-of-an-eye into the project.

No, silly, you don't brute force the encryption keys, you brute force the password. Search the 20-bit space, not the 256-bit space.

If what you're describing were practical, then the FBI could have done it with that phone too. They wouldn't have cared about obtaining the hardware-embedded keys, because who needs keys?

The key being burned into the chip means that brute force search of the password space has to be done on the phone (unless you can dig the key out of the chip). The basic idea here is that the disk encryption key is something like a keyed hash of the password, e.g. HMAC(key, password). If you try to brute force the encryption key directly, being enveloped by the expanding sun is
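The derivation sketched in the comment above, HMAC(key, password), as an added example that is not part of the thread and is not Apple's implementation: it contrasts a password-only key with a device-bound one and shows that copied storage can be searched off the device only in the first case. DEVICE_KEY, SALT, PASSCODE, the PBKDF2 stand-in for a desktop scheme and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values; nothing here comes from a real device.
DEVICE_KEY = secrets.token_bytes(32)  # stands in for the key burned into the chip
SALT = b"constructed-salt"            # stored next to the ciphertext, so copyable
PASSCODE = "4831"                     # constructed 4-digit passcode


def password_only_key(passcode: str) -> bytes:
    """Desktop-style derivation: the disk key depends only on the password.
    The iteration count is deliberately low so the demo runs quickly."""
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), SALT, 100)


def device_bound_key(device_key: bytes, passcode: str) -> bytes:
    """The comment's HMAC(key, password): the chip key is mixed in."""
    return hmac.new(device_key, passcode.encode(), hashlib.sha256).digest()


def search(derive, target: bytes, digits: int = 4):
    """Try every numeric passcode with `derive`; return the match or None."""
    for n in range(10 ** digits):
        guess = f"{n:0{digits}d}"
        if hmac.compare_digest(derive(guess), target):
            return guess
    return None


def copied_storage_password_only():
    """Everything needed to test a guess travels with the copied disk."""
    target = password_only_key(PASSCODE)
    return search(password_only_key, target)


def copied_storage_device_bound():
    """The copy holds the ciphertext but not DEVICE_KEY, so guesses made
    off the device are derived under the wrong key and never match."""
    target = device_bound_key(DEVICE_KEY, PASSCODE)
    not_the_chip_key = secrets.token_bytes(32)
    return search(lambda p: device_bound_key(not_the_chip_key, p), target)


def on_device_device_bound():
    """Only the hardware holding DEVICE_KEY can test guesses, which is
    where retry counters and rate limiting can be enforced."""
    target = device_bound_key(DEVICE_KEY, PASSCODE)
    return search(lambda p: device_bound_key(DEVICE_KEY, p), target)


if __name__ == "__main__":
    print("password-only, off device:", copied_storage_password_only())
    print("device-bound, off device: ", copied_storage_device_bound())
    print("device-bound, on device:  ", on_device_device_bound())
```

Without the chip key the only remaining off-device search is over the 256-bit key itself, which is the case the thread's "red giant" remark applies to.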

The haystack of my password is 3.62 x 10^121; at 100,100,100,100,100 guesses per second, it would take 1.15 hundred trillion trillion trillion trillion trillion trillion trillion trillion centuries to exhaustively search that. Statistically maybe half that time (duhno, I'm no mathematician - I got that from an online calculator at CNBC* [slashdot.org]), but even massively in parallel it's gonna take until the day after the copyright expires on the mouse.

I'm thinking the password is likely to be much larger than a 20 bit space. 20 bits is only slightly larger than the number of words in the English language. If the password can be more than a single word, or a word in another language, or uses even rudimentary and obvious character substitutions this number scales up very rapidly. Maybe you won't get up to the true 256 bit space, but it can still be enough to make brute force costs prohibitive.

I'm thinking the password is likely to be much larger than a 20 bit space.

It can be. And I meant to type "40-bit space"... which is still *well* within the realm of what's brute forceable. 20 bits can be searched in under a second on a single machine, depending on the per-try computation required (use of a good password hash algorithm makes it a little harder).

Maybe you won't get up to the true 256 bit space, but it can still be enough to make brute force costs prohibitive.

Less than you might think. Passwords are weak. Very few users actually choose passwords that get anywhere near 40 bits of entropy, and these days you really need closer to 50 bits. And climbing, but as computers get faster

Passphrases are better, certainly, but without some significant anti brute force mitigation they're also not going to be secure for long. There are limits to what people can invent and remember, and are willing to enter regularly, and those limits aren't anywhere near the "red giant sun" range... particularly if people have to deal with many different passphrases.

The media is overstating the case. The actual FBI court filing of two days ago did not say they had defeated the iPhone security; it merely alleged to have 'obtained the contents of the iPhone' in question. Maybe they found an iPhone backup for all we know.

The FBI has a significant reason to mislead or lie since they would want to avoid a negative precedent being set at the District Court level, especially after federal Magistrate Judge Orenstein of Brooklyn, NY ruling that Apple did not have to be subject to the All Writs Act. I believe that the FBI will wait for an even more sympathetic case.

Even if they had "cracked the iPhone" there is no reason that the FBI would not pursue the case in District Court IF it thought it would prevail, since there is no reason to believe that Apple would not patch the bug and a favorable ruling would apply to all hardware vendors.

No, it is clear that the FBI lost this one AND they are likely to be misleading or lying about obtaining the information.

Here is the relevant text from the very short FBI filing: “...the FBI has now successfully retrieved the data stored on the San Bernardino terrorist’s iPhone and therefore no longer requires the assistance from Apple required by this Court Order,”

The technically naive would naturally think that this means they cracked the iPhone security. Bullshit.

more than that they now claim to have destroyed the phone after gaining access but before accessing the data: The New Yorker, "Unlocked iPhone Worthless After F.B.I. Spills Glass of Water on It", by Andy Borowitz: http://www.newyorker.com/humor... [newyorker.com]

Even worse than the expected FBI spin is the NYT coverage both declaring an FBI victory and smearing Apple as a defiant scofflaw. http://www.nytimes.com/2016/03/18/technology/apple-encryption-engineers-if-ordered-to-unlock-iphone-might-resist.html

Despite the fact that Timothy Cook said that Apple will follow the law once settled in the courts what it actually is.

John Markoff is a long-time NYT tech staff writer and I have known him for more than 25 years; I cannot imagine why he would want to vilify Apple in

this has gotten to the point of being utterly disgusting. did the fbi have success in getting the data off the phone? maybe. did they have success against Apple or against strong encryption? fuck no.

i've been saying from the very beginning that iGummies do not run on faerie dust and unicorns. (even 35,000 year old unicorns!) i am fucking sick of the media misleading the public to believe that Apple has some kind of deep magick from before time that they've cast on their phones that make

As a one-time litigator in US district court, it is not perjury to lie to the court unless explicitly under oath. Though as an officer of the court it is unethical--possibly even contemptuous or an obstruction--to mislead or lie in a motion or other non-sworn court paper. In my experiences sanctions are few and far between for such behavior, however, despite my experience that the most prolific perjurers in court are the police and the attorneys.

In general parties ask for dismissal of their claims all the time before adjudication in order to avoid a bad result. For example, I made a motion for summary judgment in a trade secret case in San Jose. The Plaintiff moved for dismissal with prejudice. Since it was immediately granted, I did not gain a District Court precedent.

In this case the smearing and vilification of Apple is in full swing. I suppose that it is punishment for not simply rolling over for LE demands.

A little chip can do AES-256 encryption, and cracking that, assuming we could develop large enough quantum computers that ran sufficiently efficiently, would require more resources than exist in the Solar System. The only way to attack the cipher is to determine what the key is. The key, on a 5C or later, is a 256-bit random number combined with the PIN in some manner. The 256-bit random number is inaccessible, so the only way to get the key is to pu

So all those DAs and Police Chiefs were hoping for a "plug in cable and download contents" kind of hack. More likely, the FBI's contractor opened the phone, carefully removed the NAND flash, copied it, and went about the crack in the way described in the ACLU filing. This is a "multiple work week" kind of task and probably would cost $15-20k/phone: the technique, the tools, and the process are well understood. No police department is going to invest $20k to crack a phone for a minor crime.

Probably not. Rumor has it that it's an Israeli company. And most companies based in foreign nations that are involved in security or intelligence work are not available for purchase by outsiders. Or anyone not inside the good old boys intelligence circle (definitely not Apple).

The DOJ don't want you to be able to own a thing they can't open. It could be a new super-secure safe, a car with a security trunk, or an electronic device.

If they attack your right to own such a thing, they look like bad guys. So, they've been working behind the scenes to ensure you can't acquire such a thing to begin with. The secret moves against Truecrypt and now the iPhone encryption show this new strategy. I don't know how many other companies have been pressured also.

I cannot trust the US Government had not already opened the phone when they raised it as a fulcrum in a war against personal privacy. I cannot trust the US Government successfully opened the phone, because they were in no position to admit they could not. I cannot trust the US Government did not state they opened the phone, to wait for a better political climate, meaning after the next inevitable terrorist attack, to push their agenda forward.

I cannot trust the US Government because they lied to the American people, and went ahead with the Total Information Awareness program--even after they were told not to.

People, we have three serious problems: Firstly, there are terrorists in the world, who do nothing more than soldiers who strike against civilian targets. Secondly, we have people in power using unpolitical tested methods to gain information, and therefore power, with no checks and balances. Lastly, and no one seems to be talking about this: it is impossible for any information to be collected and observed--and not be used in a partisan way.

I was thinking this big priority on accessing phones, surveillance, etc. but generally police no longer respond to burglaries. I'm old enough to remember police would investigate burglaries but these days not really. Will it free up resources to concentrate on crimes that affect us commoners?

I was thinking this big priority on accessing phones, surveillance, etc. but generally police no longer respond to burglaries. I'm old enough to remember police would investigate burglaries but these days not really. Will it free up resources to concentrate on crimes that affect us commoners?

If the burglar does not leave his iPhone behind then the police will have nothing they can do!

This was not about getting the information. Neither Apple, nor the public, nor the courts said the FBI could not get the information.

This was always about whether the government could force Apple to get the information for them. That did not happen.

Therefore the FBI clearly lost this issue. They failed to convince Apple to do their bidding. They failed to convince a court to order Apple to do their bidding. They failed to convince the general public that their bidding was righteous, they even failed

be able to get into some of the phones sitting in all of our evidence rooms

At what point if any can a defendant request the government return his property (phone)? If we acknowledge that smartphones are different because they contain a huge amount of personal information, should there be a limit to how long law enforcement can hold onto the device?

It would be like them seizing your entire house of all contents, along with all your safe deposit boxes, and every document from your place of business, and keep them forever while they decide whether or not to make a case against you

"From all the chiefs that I've talked to, we're hopeful this will give us some insight into how we're going to be able to get into some of the phones sitting in all of our evidence rooms," said Terry Cunningham, police chief in Wellesley, Mass., and president of the International Assn. of Chiefs of Police. "We're clearly anxious to learn what they did and how they did it and if it can be replicated."